Oauth 2.0 Login System

Oauth login is seen everywhere nowadays. It basically refers to allowing people to skip the default ‘Sign Up With Us’ part and instead use their already created profiles on social sites like Facebook, Google or Twitter to log into an application. We have added a ‘Login with Google’ and ‘Login with Facebook’ functionality to our Open-Event login page.

13

However a lot goes on behind the back when a user clicks the ‘Login with Google’ button. Firstly a project has to be made and registered on the Google Developers Group with which we can use Google APIs and generate client details. I created an account and a project – Open-Event Server- on my Google Developers Group and generated a set of Client Ids and Client Secret to be used in my code for the login system.

14.png

After that I wrote the code for logging in via the Google button. This is the list of URLs which are used during the process

15.png

The Client details are obtained after creating an account. The AUTH_URI is the url where the user is taken to after clicking the button i.e. the Google Accounts page. The TOKEN_URI is the url from where a token is obtained by the app from Google to access the client details. And the USER_INFO url provides the necessary user details. Once an access token is obtained by the application it can send it to the server which verifies it and provides access to the user’s profile. The SCOPE defines how much of each user’s info can be accessed. Here we only need the profile and email but we can specify other details also. On accessing the AUTH_URI the user is redirected to this page:

16.png

Close Menu